Upgrading your Raspberry Pi from Jessie to Stretch

The Debian team released their latest version of their operating system, Debian 9.0 Stretch back in June of this year, so it took a few months their Raspberry Pi variant, Raspbian to be adapted for Stretch but as of last month it is finally out!
Now usually with a major version upgrade I usually like to just do a clean install of the OS but I was feeling kind of lazy so I just decided to upgrade.

Note: Always be sure that your Raspberry Pi is backed up before you do a major upgrade such as this.

To upgrade, make sure that your current version of Raspbian Jessie is up to date by either in the terminal or SSH typing:

  • sudo apt-get update
  • sudo apt-get upgrade

Once Jessie is up to date, you’ll need to add the new repository for Stretch. To add the repository, type: sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list

Now, refresh your repository mirrors again by typing: sudo apt-get update

It’s now time to perform the upgrade. Go ahead and type: sudo apt-get upgrade again. It will prompt you several times during the upgrades about package conflicts and what not, for most cases the default option should be fine.

It should take about 15-20 minutes for the upgrade to complete depending on your internet connection. Once it’s done, go ahead and reboot your Pi by typing: sudo shutdown -r now

That’s it! You have now successfully upgraded your Pi to Raspbian Stretch!

CentOS: My Preferred Server Operating System

Every time I need to setup a new server, unless the application(s) I’m planning to host on it requires different, my go to operating system has been CentOS for the past decade or so, mostly because of how rock solid it is (I don’t think I’ve ever had a CentOS server crash on me). That’s partly because it is a derivative from Red Hat Linux. In fact, Red Hat not only owns the trademarks for CentOS, it also employees their primary developers.
I hardly ever setup a Linux server with a GUI so most of the time I install it with the minimalist image which works great for my LAMP servers, SAMBA servers and script servers. Because of its association with Red Hat, most mainstream Linux applications have support and documentation for CentOS. Another extremely important thing to look for in server operating systems is the lifecycle, meaning how long will the CentOS team maintain the release of a version and provide security updates and such. Most CentOS versions have a lifecycle for a decade so you won’t have to worry about being forced to upgrade anytime soon after you implement a CentOS server.

I wouldn’t recommend using CentOS as a workstation at all given that its GUI is extremely slimmed down but for a server operating system you are hard pressed to find a OS as solid as CentOS.

PHP Tip: Auto-Prepending your Custom Functions Globally

There are just some things that you like done your way. Ever since I’ve been developing with PHP, I’ve kept a file with my own custom developed functions that I know I may want to use again. Everything from a custom send email function that will report bounces back to me to simple one parameter file uploads to encryption functions and so on.
I got into the habit about ten years ago to maintain this master function file and then on every web server that I have under my control, I set the flag in the php.ini file, auto_prepend_file to my master functions file that way all of my custom functions are available to me in every PHP file on that system without me having to do anything.

RClone: Tool for accessing your cloud via CLI

Most of the Linux servers that I setup and/or maintain I typically run in CLI (command line interface) mode and don’t even bother to install a GUI just to preserve disk space, memory usage and CPU usage. However, it can be a pain to access my cloud storage services.
Then a few years ago, I discovered RClone. RClone lets you perform basic file and directory functions such as copy, move, delete and sync. I primarily use my Google Drive but RClone supports:

  • Google Drive
  • Dropbox
  • OpenStack Swift
  • Amazon S3
  • Google Cloud Storage
  • Amazon Drive
  • OneDrive
  • Hubic
  • Backblaze B2
  • Yandex Disk
  • SFTP
  • FTP
  • HTTP

One of the reasons why I love RClone is how simple it is to use:

  • Download it from http://rclone.org/downloads
  • Extract it using tar -xvf rclone*
  • Run it for the first time using ./rclone config
  • It will then prompt you for the connection type, I choose 8 for Google Drive
  • Then it will prompt you to name the connection. I keep it simple by just naming mine “g”
  • It will then ask you to authenticate
  • Confirm your settings and you’re done

Now to use it, for example to copy a file to your cloud storage, just use:

/path/to/rclone/rclone copy localfile (name of your storage):/

In my case:

/home/pi/rclone/rclone copy myfile.ext g:/

Adminer: An Open Source MySQL Management Tool

I still use MySQL or MariaDB for most of my personal development projects. It’s quick and easy to setup and maintain and it’s usually good enough for whatever I’m doing. However, one of the things that I have always hated is writing my own CREATE and ALTER statements. I’m fine with all the other queries but those two have always been a pain for me.
On the desktop, in the older days I used to exclusively use Navicat but ever since Oracle redeveloped MySQL Workbench, I’ve been using it for the last several years. It’s quite honestly one of the best GUI tools for MySQL that I’ve seen.

Then a while ago, I came across an open source project called Adminer. It’s a tool that evolved from the management system, phpMyAdmin. The greatest thing about it is the whole system is contained in a single PHP file so to use it, you just put it in your web server directory, navigate to it in your web browser, login using your existing database credentials and you’re in.

I’ll admit that it’s not the most aesthetically pleasing tool in the world but it gets the job done!

Electronic Frontier Foundation’s Let’s Encrypt

In the early days of my business, one of the first services that we offered was web development and design, to be quite honest because it was fairly easy to sell at a large profit margin. However, with me being me and having an intense background in system and server administration, we not only designed and developed the websites, we would also provide the hosting and maintenance for those sites.
All well and good except that some of those websites had either e-commerce built into the site or collected sensitive information from their customers or patrons. So it was a must to use SSL certificates to secure the data while in transport from the user’s browser to our servers (I’ll get into securing and encrypting that data at rest some other day). Back when we were doing it, you had to go find a trusted certificate authority that you actually trusted such as Verisign or Norton that usually came out to a few hundred dollars every year, generate your public and private certificates on your server then getting them to work with whichever web server you had. It was a mess. By far the thing that I hated doing the most for web hosting.

That’s why I was so stoked when I found out about a year and a half ago that The Electronic Frontier Foundation (EFF), in an effort to make SSL connections the new default, not only was becoming a certificate authority, they developed a tool called Lets Encrypt that makes it ridiculously simple to enable SSL on your website. All you have to do is go to https://letsencrypt.org, choose your operating system and web server and it will download the appropriate script. Oh yeah, it’s completely free!

Since Let’s Encrypt has came out, I have used it for every web server that I’ve set up whether it needs it or not. It literally on takes about five minutes to setup so why not?

Invoice Plane: Open Source Accounting System

When I first started my business ten years ago, a lot of the tools that I used, I developed myself and that included my invoicing and billing system.
However, about five years in, it was getting to the point where I’d go to invoice a client, I’d have to fix or patch something first. So I eventually bit the bullet and signed up and paid for Freshbooks, which really is a great product but for one, it’s just another monthly bill you have to worry about paying and for two, if you’re just getting started in your business or just have a side business where you don’t need to send invoices or track expenses all that frequently, you may not want to pay that monthly fee.

In comes Invoice Plane. Think of it like the WordPress of accounting software. Invoice Plane is completely self-hosted so you can host it on your existing LAMP server or you can just do what I did and dedicate an old Raspberry Pi to hosting it (or an old computer you have laying around).

With Invoice Plane, you can:

  • Invoice and track clients (totals, outstanding balances, paid balances)
  • Track expenses, including receipts
  • Generate profit and loss statements
  • Accept credit card payments with third party merchants such as my favorite, Stripe (although you’ll need your host on the public internet for that one)

I’ll be the first one to admit that there are a ton of more elegant and more functional accounting systems out there, however, there are some systems that I still like to have in my complete control versus putting in the cloud and business financial data is one.

Check it out at: http://invoiceplane.com

3CX Phone System

Back in the day, when I first started with VOIP, I really wanted to go with some form of asterisk like Trixbox or Elastix but after months and months of trying, I just couldn’t get it stable enough for companies to be able to rely on.
Then a buddy of mine suggested that I look at a system called 3CX. At that time they were just on version 10 and it only ran on Windows but I tried it out anyway and it seemed pretty stable so we went ahead and bought a license for it (I believe it was $1,200 at that time).

Fast forward to today, about a month ago I had to rebuild a phone server for a non-profit in Bakersfield. Beforehand, I did a bit of research and found that 3CX was not only now on version 15, but they now supported Linux as a platform! Moreover, since this non-profit only had a handful of employees, I could get them on the free tier! Some of the more advanced features aren’t included in the free tier such as the fax server and it limits the number of simultaneous calls to eight but for this particular project, it was perfect!

Within an afternoon, I had wiped one of their old servers, installed Debian 9.0 on it, installed 3cx on it and was provisioning phones. I built it on a Friday but waited until the weekend to change over their SIP trunk provider (Nexvortex) just in case something went wrong.

That following Monday morning, I made sure to wake up extra early and clung to my phone all day knowing that there had to be something that was overlooked or left un-configured. 8:00? Nothing. 12:00? Nothing. 3:00? Nothing. I finally sent the director a text and asked how the phones were today? She just said, “Good, no problems.” Trust me, that’s a miracle!

It’s been up and running solid for a good month and a half except for one issue: if you’re running 3CX on a server with two NICs, be sure to only have one interface hooked to the network.

For the past few years, I had been using RingCentral for most of clients just because it was pretty much friction free but I’m thinking that for now on, I’ll use 3CX on top of Debian.

PFSense: My Go To Firewall for SMB

Given that I’m an open source junky, it should be no surprise that PFSense is without a doubt, my favorite firewall for both home and small business use.
During the last three years of my business, instead of buying a Cisco SMB or a Sonicwall firewall, what I’ve done is buy a refurbished Dell Poweredge server with typically around 16 gb of memory and usually a RAID array that has the usable capacity of 500 gb for around $200-$300 and popping PFSense on it.

Aside from it being completely open source, some of the things that I love about it are:

  • It being rock solid given its FreeBSD foundation
  • It’s bandwidth monitoring and rule-based policies
  • VPN built in with both OpenVPN and IPSec
  • Web caching built in with Squid
  • Web content filtering to block people from visiting unwanted or inappropriate websites
  • It’s on-demand virus scanning, blocking viruses and malware before it reaches the client’s computer
  • Limit traffic by country
  • A programmable intrusion detection system
  • VLANs completely built in

I could go on and on and on. There are literally hundreds of available plugins that extend the core of PFSense’s functionality. Knock on wood but I’ve had some PFSense servers running for years without issue. I know that a Poweredge server is a bit overkill for a firewall for a small business, but at that price, why the hell not?

OwnCloud: An open source, self-hosted Dropbox alternative

Sometime last year right around the time that Dropbox had their database of user accounts and passwords compromised, a client of mine got wind of the story and asked me to remove all of their cloud services to on-premise servers.
At the time, I was using Dropbox Plus to keep their network drive in sync between their multiple business locations (quite honestly because it just worked and it was one last thing that I had to worry about managing) so I began researching open source, self hosted alternatives to Dropbox. I quickly came across OwnCloud which is exactly what I was looking for. OwnCloud runs on top of your existing LAMP stack and has a web client, desktop sync clients as well as mobile clients for both iOS and Android. Best of all, it has file versioning built in. You can also use the EFF’s LetsEncrypt to secure the data in transit using SSL.

Ever since discovering it, I’ve also ran my own personal OwnCloud server using a Raspberry Pi and a one terabyte external hard drive. Of course, with any self hosted service, you get the responsibility of backing it up. I don’t keep anything mission critical on my OwnCloud but I wrote a simple Python script to copy over all of the data, dump the MariaDB database, tar it into an archive, send it through an encryption process and send it up to my Google Drive once a week.

Even if you don’t have a business, having your own personal cloud storage is still a fun project to do. For less than $99 (the cost for 1 year of Dropbox Pro), you can go on Amazon and order yourself a cheap Raspberry Pi kit as well as a 1 terabyte USB external hard drive and build your own personal cloud storage!